New Security Vulnerability Figured Out on Vista and Windows 7

Bojan Zdrnja, a handler for the SANS Internet Storm Center, has recently discovered a new flaw which may prove a major risk to organizations using Windows 7 and Vista, as per the news published by computerworld.com on September 8, 2009.

Zdrnja stated that the vulnerability lies in Windows' Samba file-sharing feature. He tested the exploit code and it worked on fully patched Windows 7 and Vista systems running Service Pack 1 or 2. He found that Windows Server 2008 may also be affected by the exploit. If exploited successfully, the flaw will lead to the collapse of the targeted machine. Zdrnja stated that an affected system will show the blue screen of death (BSOD).

According to security experts, the BSOD is seen on an NT system whenever there is something horribly wrong with the user's PC. They said that the blue screen is a screen saver that not only authentically impersonates a BSOD, but also mimics the startup screens seen at system boot. In other words, it could be stated that the latest vulnerability can install malware on a user's system, thereby resulting in the crash of the affected system.

Meanwhile, researchers don't yet know if the vulnerability can be exploited remotely, but Zdrnja has stated that a single packet is enough to crash a machine. Most PCs on internal networks keep port 445, which is used for file sharing, open.

This is considered quite dangerous because if a hacker already has access to a compromised PC within the network, perhaps through malware or a Trojan, it becomes easier to crash all the machines in the network. Administrators are therefore advised to disable access to port 445.

Generally, home users have this port open, stated Zdrnja. However, in case users join a public Wi-Fi network, Windows will ask them if it is a public network, and if it is, then port 445 is blocked. In other words, Windows issues a warning that will help home users to know about it and block the port immediately.

Zdrnja finally noted that a module for the concerned exploit has already been developed for Metasploit, which is a hacker toolkit for attacking computers.